TY - JOUR
T1 - A permission-combination scalable access control model for Internet of things
AU - Zhang, Qikun
AU - Li, Yongjiao
AU - Zheng, Chuanyang
AU - Zhu, Liang
AU - Yuan, Junling
AU - Hu, Sikang
N1 - Publisher Copyright:
© 2020 John Wiley & Sons, Ltd.
PY - 2022/4
Y1 - 2022/4
N2 - Development of the Internet of things (IoT) is considered as one of the major events in modern manufacturing industry, and IoT devices are expected to create and exchange vast amounts of data, thereby bringing forth unprecedented challenges in terms of robust and vendor-neutral data sharing. While access control is widely used to protect the security of data sharing, it still has some security flaws and limitations, such as privacy leakage, fixed access permissions, security vulnerabilities, and so on. Aiming at these problems, this article proposes a permission-combination scalable access control (PCS-AC) scheme, in which the methods of access permissions assignment, data encryption, and data access are given. In contrast to prior works, PCS-AC differs in several significant ways: (1) it supports anonymous access and traceability. Anonymous access can prevent leakage of users' privacy. Traceability can track the illegally accessed entity when the resource is illegally accessed; (2) it supports scalable access to data resources. Users use a combination of attribute permissions to access data at different security levels; (3) it achieves high efficiency because the entity can quickly search ciphertext resources by plaintext keywords. After searching and downloading the ciphertext, decrypt it by group key to obtain the corresponding plaintext information. PCS-AC is proven secure under the hardness assumption of Discrete Logarithm problem and Inverse Computational Diffie-Hellman problem. The performance analysis shows that PCS-AC has higher efficiency than the referred works.
AB - Development of the Internet of things (IoT) is considered as one of the major events in modern manufacturing industry, and IoT devices are expected to create and exchange vast amounts of data, thereby bringing forth unprecedented challenges in terms of robust and vendor-neutral data sharing. While access control is widely used to protect the security of data sharing, it still has some security flaws and limitations, such as privacy leakage, fixed access permissions, security vulnerabilities, and so on. Aiming at these problems, this article proposes a permission-combination scalable access control (PCS-AC) scheme, in which the methods of access permissions assignment, data encryption, and data access are given. In contrast to prior works, PCS-AC differs in several significant ways: (1) it supports anonymous access and traceability. Anonymous access can prevent leakage of users' privacy. Traceability can track the illegally accessed entity when the resource is illegally accessed; (2) it supports scalable access to data resources. Users use a combination of attribute permissions to access data at different security levels; (3) it achieves high efficiency because the entity can quickly search ciphertext resources by plaintext keywords. After searching and downloading the ciphertext, decrypt it by group key to obtain the corresponding plaintext information. PCS-AC is proven secure under the hardness assumption of Discrete Logarithm problem and Inverse Computational Diffie-Hellman problem. The performance analysis shows that PCS-AC has higher efficiency than the referred works.
UR - http://www.scopus.com/inward/record.url?scp=85088977218&partnerID=8YFLogxK
U2 - 10.1002/ett.4060
DO - 10.1002/ett.4060
M3 - Article
AN - SCOPUS:85088977218
SN - 2161-5748
VL - 33
JO - Transactions on Emerging Telecommunications Technologies
JF - Transactions on Emerging Telecommunications Technologies
IS - 4
M1 - e4060
ER -